Droidlysis analyzer closes#1591

[g4ze]

closes #1591

Description

Please include a summary of the change and link to the related issue.

Type of change

Please delete options that are not relevant.

• [ ] Bug fix (non-breaking change which fixes an issue).
• [x] New feature (non-breaking change which adds functionality).
• [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected).

Checklist

• [x] I have read and understood the rules about how to Contribute to this project
• [x] The pull request is for the branch develop
• [x] A new plugin (analyzer, connector, visualizer, playbook, pivot or ingestor) was added or changed, in which case:
  • [x] I strictly followed the documentation "How to create a Plugin"
  • [ ] Usage file was updated.
  • [ ] Advanced-Usage was updated (in case the plugin provides additional optional configuration).
  • [x] I have dumped the configuration from Django Admin using the dumpplugin command and added it in the project as a data migration. ("How to share a plugin with the community")
  • [x] If a File analyzer was added and it supports a mimetype which is not already supported, you added a sample of that type inside the archive test_files.zip and you added the default tests for that mimetype in test_classes.py.
  • [ ] If you created a new analyzer and it is free (does not require any API key), please add it in the FREE_TO_USE_ANALYZERS playbook by following this guide.
  • [ ] Check if it could make sense to add that analyzer/connector to other freely available playbooks.
  • [x] I have provided the resulting raw JSON of a finished analysis and a screenshot of the results.
  • [ ] If the plugin interacts with an external service, I have created an attribute called precisely url that contains this information. This is required for Health Checks.
  • [x] If the plugin requires mocked testing, _monkeypatch() was used in its class to apply the necessary decorators.
  • [x] I have added that raw JSON sample to the MockUpResponse of the _monkeypatch() method. This serves us to provide a valid sample for testing.
• [ ] If external libraries/packages with restrictive licenses were used, they were added in the Legal Notice section.
• [x] Linters (Black, Flake, Isort) gave 0 errors. If you have correctly installed pre-commit, it does these checks and adjustments on your behalf.
• [ ] I have added tests for the feature/bug I solved (see tests folder). All the tests (new and old ones) gave 0 errors.
• [ ] If changes were made to an existing model/serializer/view, the docs were updated and regenerated (check CONTRIBUTE.md).
• [ ] If the GUI has been modified:
  • [ ] I have a provided a screenshot of the result in the PR.
  • [ ] I have created new frontend tests for the new component or updated existing ones.
• [x] After you had submitted the PR, if DeepSource, Django Doctors or other third-party linters have triggered any alerts during the CI checks, I have solved those alerts.

Important Rules

• If you miss to compile the Checklist properly, your PR won't be reviewed by the maintainers.
• Everytime you make changes to the PR and you think the work is done, you should explicitly ask for a review. After being reviewed and received a "change request", you should explicitly ask for a review again once you have made the requested changes.

[g4ze]

I think there's some issue with the config file. I'm not sure if there's any more details given more that what I have coded here. can you please have a look at it? @mlodic
I think i need to configure some more paths, but i am not sure what do these paths have to point to.

[mlodic]

hey, I'd create a new folder in the malware_tools_analyzers folder for droidlys and put the configuration file there (not in the dockerfile) + the other required software. With the option --config you can choose which config file to launch. Also, please create a python virtual environment where to install droidlys and add a requirements file, similar to other already existing cases.

Then why you disabled json output in the command line?

Also I think that maybe some systems packages are missing. Check the instructions closely

[g4ze]

I'll do what you've asked for here. I think the docs don't specify any more tools than the ones I have already installed, for the config. Still, it seems like there is some unsaid dependency to it.

[g4ze]

is this some permission problem?

[g4ze]

output.json

[g4ze]

here also, the test is failing as mentioned here

[mlodic]

same as for the other PR, gtg after fixing the test

[g4ze]

@mlodic the tests seem to failing. Could you have a look at it?

[mlodic]

I think it's the same problem that appeared in the other PR. In this case, I think we can re-arrange it by avoing adding tests for additional file types. You could use application/vnd.android.package-archive which already exists

[mlodic]

nvm the error is for AssertionError: Analyzer DroidLysis with config Droidlysis and mimetype application/vnd.android.package-archive failed Report is empty. Reason: None itself. There's some lower level debugging to do here and try the test locally

[g4ze]

we are gtg here as well @mlodic

[g4ze]

all migrations and test_files taken care of, good to go